Welcome in WebHiob - interactive learining environment for security of modern web applications.
WebHiob was created a as part of the master thesis by Robert Rozmus (student of Warsaw University of Technology, Institute of Computer Science). If you have any questions, please do not hesitate to contact with me.
Copyright (c) 2015 Robert Rozmus
To run WebHiob it is required to provide:
- Java SE Development Kit 7
- Gradle
- an IDE supporting Gradle (recommended InteliiJ IDEA )
- Tomcat (version 7 or 8)
- GWT SDK
To be able to take advantage of all lessons it is recommended to install Zed Attack Proxy (or similar tool allowing to intercept HTTP requests and responses).
Be aware that WebHiob uses Project Lombok, therefore before compilation you must enable annotation processing (In IntelliJ IDEA it could be done by pressing the File->Settings -> Build, Execution, Deployment -> Compiler -> Annotation Processors tab and checking the "Enable annotation processing" checkbox).
To run WebHiob you should use the gradle "build" task.
Click here to see full video showing all steps to run.
While running WebHiob your machine will be vulnerable to attack, therefore you should disconnect from the Internet while using it.The WebHiob environment is for educational purposes only. You should not try to attempt these techniques on the Internet without authorization, because it is against to the law.